Microsoft Account 'Outlook Web Access' Phishing Scam

Outline

Brief Analysis

The email is not from Microsoft and the claim that users must click a link to upgrade their email accounts is a lie. The message is a phishing scam designed to trick users into sending their Microsoft account login details to criminals.

Example

Upgrade Your Outlook Web Access (OWA).
From: Microsoft account team
Microsoft account
upgrade your email account
To finish setting up this Microsoft account, we just need to make sure you did not loose any messages from your Microsoft Web Access.
Upgrade your email
If the upgrade link did not work click link below, click here to proceed.
Thanks,

The Microsoft account team

Detailed Analysis

According to this email, which claims to be from the Microsoft Account Team, recipients need to click a link in the message to finish setting up their Microsoft account. The message instructs users to click an 'upgrade your email account' link to allow Outlook Web Access and ensure that they do not lose any emails.

However, the email is not from Microsoft and the claim that users must follow a link to upgrade their email account is untrue. Instead, the email is a criminal ruse designed to trick people into giving their Microsoft account details to cybercriminals. Those who fall for the trick and click one of the links as instructed will be taken to a bogus 'Microsoft' website that displays a login form.

Once they have added their email address and password, victims will then be presented with a message claiming that their 'Outlook account was updated successfully'. Within a few seconds, they will be redirected to a genuine Microsoft website.

Meanwhile, the criminals responsible for the phishing campaign can use the stolen credentials to hijack the real Microsoft accounts belonging to their victims. A 'Microsoft account' is the new name for what was previously known as a 'Windows Live ID.' One set of login details can be used to access a number of Microsoft services, and is thus a valuable target for scammers.

Online criminals commonly use such phishing techniques. Be wary of any message that claims that you must click a link or open an attachment to upgrade account details, rectify a supposed account issue, or implement new 'security' measures. If you receive a suspect message, do not click on any links or open any attachments that it contains. Instead, log in to your account by entering the address into your web browser or via an official account application.

Last updated: March 10, 2014
First published: March 10, 2014
Written by Brett M. Christensen